On Sun, Jun 12, 2016 at 8:09 PM, Gert Doering wrote:
> On Sun, Jun 12, 2016 at 07:56:50PM +0200, Steffan Karger wrote:
>> > Can we detect and #ifdef this at build time?
>> >
>> > Yes, adding another #ifdef is what we try to avoid - but this is a fairly
>> > localized thing, and the dependency is c
Hi,
On Sun, Jun 12, 2016 at 07:56:50PM +0200, Steffan Karger wrote:
> > Can we detect and #ifdef this at build time?
> >
> > Yes, adding another #ifdef is what we try to avoid - but this is a fairly
> > localized thing, and the dependency is clear, not a "user selectable
> > combination of build o
On Sun, Jun 12, 2016 at 7:34 PM, Gert Doering wrote:
> On Sun, Jun 12, 2016 at 06:10:30PM +0200, Steffan Karger wrote:
>> On Sun, Jun 12, 2016 at 5:14 PM, Magnus Kroken wrote:
>> > Is it safe to remove the call to debug_set_threshold? Is it only used
>> > for more verbose logging, or can this cau
Hi,
On Sun, Jun 12, 2016 at 06:10:30PM +0200, Steffan Karger wrote:
> On Sun, Jun 12, 2016 at 5:14 PM, Magnus Kroken wrote:
> > Is it safe to remove the call to debug_set_threshold? Is it only used
> > for more verbose logging, or can this cause a TLS error to not be
> > noticed (or lead to other
Hi,
On Sun, Jun 12, 2016 at 5:14 PM, Magnus Kroken wrote:
> Is it safe to remove the call to debug_set_threshold? Is it only used
> for more verbose logging, or can this cause a TLS error to not be
> noticed (or lead to other security implications)?
Yes, the debug_set_threshold() call is only us
Hi
The mbedTLS/PolarSSL build of OpenVPN depends on the debug.c part of
mbedTLS. Specifically ssl_polarssl.c (ssl_mbedtls.c in master branch),
key_state_ssl_init() calls debug_set_threshold() [1]. Removing this line
removes the dependency.
Is it safe to remove the call to debug_set_threshold
